Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,761
Maven
5,000+
npm
4,368
NuGet
767
pip
4,137
Pub
12
RubyGems
962
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,538 advisories

Loading
NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900,... High Unreviewed
CVE-2016-6277 was published May 17, 2022
goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of... High Unreviewed
CVE-2020-10181 was published May 24, 2022
The Theme Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... High Unreviewed
CVE-2025-9890 was published Oct 18, 2025
A Cross-Site Request Forgery (CSRF) in the component /endpoints/currency/currency of Wallos v4.1... High Unreviewed
CVE-2025-60535 was published Oct 14, 2025
Cross Site Request Forgery (CSRF) vulnerability in EndRun Technologies Sonoma D12 Network Time... High Unreviewed
CVE-2025-60956 was published Oct 6, 2025
The TextBuilder plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 1.0... High Unreviewed
CVE-2025-9213 was published Oct 3, 2025
The EnvíaloSimple: Email Marketing y Newsletters plugin for WordPress is vulnerable to Cross-Site... High Unreviewed
CVE-2024-2125 was published Apr 9, 2024
The LatePoint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... High Unreviewed
CVE-2025-7052 was published Sep 30, 2025
Medical Informatics Engineering Enterprise Health has a cross site request forgery vulnerability... High Unreviewed
CVE-2025-35030 was published Sep 29, 2025
A multiple Cross-site scripting (XSS) vulnerability in the '/members/moremember.pl', and ‘... High Unreviewed
CVE-2024-24336 was published Mar 20, 2024
Cross Site Request Forgery (CSRF) vulnerability exists in the 'pvmsg.php?action=add_message',... High Unreviewed
CVE-2024-51144 was published Mar 5, 2025
Apollo Embedded Sandbox and Explorer vulnerable to CSRF via window.postMessage origin-validation bypass High
CVE-2025-59845 was published for @apollo/explorer (npm) Sep 26, 2025
ekzyis 0x9x-ui
Credited to ekzyis and 0x9x-ui
Cross-Site Request Forgery (CSRF) vulnerability in flytedesk Flytedesk Digital allows Stored XSS.... High Unreviewed
CVE-2025-60172 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in yourplugins Conditional Cart Messages for... High Unreviewed
CVE-2025-60171 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Ashwani kumar GST for WooCommerce allows... High Unreviewed
CVE-2025-60173 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Taraprasad Swain HTACCESS IP Blocker allows... High Unreviewed
CVE-2025-60170 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in W3S Cloud Technology W3SCloud Contact Form 7... High Unreviewed
CVE-2025-60169 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in NewsMAN NewsmanApp allows Stored XSS. This... High Unreviewed
CVE-2025-60164 was published Sep 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in javothemes Javo Core allows Authentication... High Unreviewed
CVE-2025-60111 was published Sep 26, 2025
Spring Batch Admin vulnerable to Cross-site request forgery (CSRF) in the file upload functionality High
CVE-2017-12881 was published for org.springframework.batch:spring-batch-admin-manager (Maven) May 17, 2022
Cross-Site Request Forgery (CSRF) vulnerability in ptibogxiv Doliconnect allows Stored XSS. This... High Unreviewed
CVE-2025-58690 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in purethemes WorkScout-Core allows Cross Site... High Unreviewed
CVE-2025-59572 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Shankaranand Maurya WP Content Protection... High Unreviewed
CVE-2025-58670 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in loopus WP Attractive Donations System allows... High Unreviewed
CVE-2025-58956 was published Sep 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP CMS Ninja Current Age Plugin allows Stored... High Unreviewed
CVE-2025-58687 was published Sep 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database